/** * Update section */ function UpdateSection($update, $api = false) { global $database; # replace special chars for permissions $update['permissions'] = mysqli_real_escape_string($database, $update['permissions']); $update['description'] = mysqli_real_escape_string($database, $update['description']); $update['name'] = mysqli_real_escape_string($database, $update['name']); if (!$api && !$update['name']) { die('<div class="alert alert-danger">' . _('Name is mandatory') . '!</div>'); } # section name is mandatory $query = setUpdateSectionQuery($update); # set update section query $log = prepareLogFromArray($update); # prepare log /* save old if delete */ if ($update['action'] == "delete") { $dold = getSectionDetailsById($update['id']); } elseif ($update['action'] == "edit") { $old = getSectionDetailsById($update['id']); } # delete and edit requires multiquery if ($update['action'] == "delete" || $update['action'] == "edit") { # execute try { $result = $database->executeMultipleQuerries($query, true); } catch (Exception $e) { $error = $e->getMessage(); updateLogTable('Section ' . $update['action'] . ' failed (' . $update['name'] . ') - ' . $error, $log, 2); # write error log if (!$api) { print '<div class="alert alert-danger">' . "Cannot {$update['action']} all entries" . ' - ' . $error . '!</div>'; } return false; } # success updateLogTable('Section ' . $update['name'] . ' ' . $update['action'] . ' ok', $log, 1); # write success log /* for changelog */ if ($update['action'] == "delete") { $dold['id'] = $update['id']; writeChangelog('section', $update['action'], 'success', $dold, array()); } else { writeChangelog('section', $update['action'], 'success', $old, $update); } return true; } else { # execute try { $result = $database->executeQuery($query, true); } catch (Exception $e) { $error = $e->getMessage(); updateLogTable('Adding section ' . $update['name'] . 'failed - ' . $error, $log, 2); # write error log if (!$api) { die('<div class="alert alert-danger">' . 'Cannot update database' . '!<br>' . $error . '</div>'); } return false; } # success updateLogTable('Section ' . $update['name'] . ' added succesfully', $log, 1); # write success log /* for changelog */ $update['id'] = $result; writeChangelog('section', $update['action'], 'success', array(), $update); return true; } }
/** * Update section */ function UpdateSection($update, $api = false) { global $db; # get variables from config file $database = new database($db['host'], $db['user'], $db['pass'], $db['name']); # open db connection # replace special chars for permissions $update['permissions'] = mysqli_real_escape_string($database, $update['permissions']); $update['description'] = mysqli_real_escape_string($database, $update['description']); $update['name'] = mysqli_real_escape_string($database, $update['name']); if (!$api && !$update['name']) { die('<div class="alert alert-error">' . _('Name is mandatory') . '!</div>'); } # section name is mandatory $query = setUpdateSectionQuery($update); # set update section query $log = prepareLogFromArray($update); # prepare log # delete and edit requires multiquery if ($update['action'] == "delete" || $update['action'] == "edit") { # execute try { $result = $database->executeMultipleQuerries($query); } catch (Exception $e) { $error = $e->getMessage(); updateLogTable('Section ' . $update['action'] . ' failed (' . $update['name'] . ') - ' . $error, $log, 2); # write error log if (!$api) { print '<div class="alert alert-error">' . "Cannot {$update['action']} all entries" . ' - ' . $error . '!</div>'; } return false; } # success updateLogTable('Section ' . $update['name'] . ' ' . $update['action'] . ' ok', $log, 1); # write success log return true; } else { # execute try { $result = $database->executeQuery($query); } catch (Exception $e) { $error = $e->getMessage(); updateLogTable('Adding section ' . $update['name'] . 'failed - ' . $error, $log, 2); # write error log if (!$api) { die('<div class="alert alert-error">' . 'Cannot update database' . '!<br>' . $error . '</div>'); } return false; } # success updateLogTable('Section ' . $update['name'] . ' added succesfully', $log, 1); # write success log return true; } }